SQL Server
PKCS11 Find Private Key by Label
Demonstrates how to find a private key based on a user-specified label. Note: This example requires Chilkat v9.5.0.96 or later.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
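-- Finds an RSA private key on a PKCS11 token by its label and prints the
-- session-local object handle.
--
-- Deployment notes:
--   * The sp_OA* procedures only work when the 'Ole Automation Procedures'
--     server option is enabled. The COM object, and the PKCS11 library it
--     loads, then run under the SQL Server service account, so restrict who
--     may execute this procedure and who may write to the SharedLibPath
--     location.
--   * The PIN below is a sample value. A literal PIN in a procedure body is
--     readable by anyone who can view the module definition; in real use,
--     supply it from a protected source instead of hard-coding it.
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.

    DECLARE @pkcs11 int
    EXEC @hr = sp_OACreate 'Chilkat.Pkcs11', @pkcs11 OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Use the PKCS11 driver (.dll, .so, .dylib) for your particular HSM.
    -- For example:
    EXEC sp_OASetProperty @pkcs11, 'SharedLibPath', 'C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS11.dll'

    -- Use your HSM's PIN (sample value only; see the header note).
    DECLARE @pin nvarchar(4000)
    SELECT @pin = '0000'

    -- Normal user = 1
    DECLARE @userType int
    SELECT @userType = 1

    -- Establish a logged-on user session with the HSM.
    -- COALESCE treats a NULL result (the call itself failed) as a failure.
    EXEC sp_OAMethod @pkcs11, 'QuickSession', @success OUT, @userType, @pin
    IF COALESCE(@success, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pkcs11
        RETURN
    END

    -- Provide a template to find a PKCS11 object.
    DECLARE @jsonTemplate int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonTemplate OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        -- End the authenticated session explicitly before releasing the object.
        EXEC sp_OAMethod @pkcs11, 'Logout', @success OUT
        EXEC sp_OAMethod @pkcs11, 'CloseSession', @success OUT
        EXEC @hr = sp_OADestroy @pkcs11
        RETURN
    END

    -- Find an RSA private key with the label "MySshKey".
    -- For how the key was originally imported, see the example
    -- "PKCS11 Import SSH Key".
    -- Every attribute must be set: a template missing the label would match
    -- a different private key than the one intended.
    DECLARE @templateOk int
    SELECT @templateOk = 1

    EXEC sp_OAMethod @jsonTemplate, 'UpdateString', @success OUT, 'class', 'private_key'
    IF COALESCE(@success, 0) = 0
        SELECT @templateOk = 0

    EXEC sp_OAMethod @jsonTemplate, 'UpdateString', @success OUT, 'key_type', 'rsa'
    IF COALESCE(@success, 0) = 0
        SELECT @templateOk = 0

    EXEC sp_OAMethod @jsonTemplate, 'UpdateString', @success OUT, 'label', 'MySshKey'
    IF COALESCE(@success, 0) = 0
        SELECT @templateOk = 0

    IF @templateOk = 0
    BEGIN
        EXEC sp_OAGetProperty @jsonTemplate, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC sp_OAMethod @pkcs11, 'Logout', @success OUT
        EXEC sp_OAMethod @pkcs11, 'CloseSession', @success OUT
        EXEC @hr = sp_OADestroy @pkcs11
        EXEC @hr = sp_OADestroy @jsonTemplate
        RETURN
    END

    DECLARE @privKeyHandle int
    EXEC sp_OAMethod @pkcs11, 'FindObject', @privKeyHandle OUT, @jsonTemplate
    IF COALESCE(@privKeyHandle, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        -- End the authenticated session explicitly before releasing the objects.
        EXEC sp_OAMethod @pkcs11, 'Logout', @success OUT
        EXEC sp_OAMethod @pkcs11, 'CloseSession', @success OUT
        EXEC @hr = sp_OADestroy @pkcs11
        EXEC @hr = sp_OADestroy @jsonTemplate
        RETURN
    END

    -- The private key handle is only valid during the PKCS11 session.
    -- If you wish to use the private key in another PKCS11 session,
    -- you'll first need to find it again in that session.
    -- The handle is an int: cast it explicitly, because 'text' + int makes
    -- SQL Server try to convert the text to int and fail at run time.
    PRINT 'private key handle: ' + CAST(@privKeyHandle AS nvarchar(20))

    -- Do whatever you wish with the private key handle...
    -- ...
    -- ...

    EXEC sp_OAMethod @pkcs11, 'Logout', @success OUT
    EXEC sp_OAMethod @pkcs11, 'CloseSession', @success OUT

    EXEC @hr = sp_OADestroy @pkcs11
    EXEC @hr = sp_OADestroy @jsonTemplate
END
GO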